promatica digital

Promatica Digital Temp Tracker

TempTracker is a data logger and software solution with top-of-the-line security standards. It actively monitors and alerts medical fridge, ambient and vaccine storage temperature digitally, which eliminates the need for time-consuming manual fridge monitoring.

It proves to the CQC you are effective at monitoring the temperature of your medical fridges.

Features

• Ensures medicines are kept within range all day, every day
• Provides proof of historical logging of every fridge for compliance
• Actively alerts when outside of temperature range
• Remote browser based for ease of access
• On-site, on cloud or hybrid secure hosting
• Supports WiFi, Ethernet, Long Range Radio or mixed connectivity
• Battery or mains powered

Benefits

• Makes CQC audits easier, faster, and better quality
• Real-time access to logs and alerts
• Analytics dashboard for data interpretation
• Saves time and resources from temperature checking daily
• More flexible deployment options for power and connectivity
• Single system can support all areas of temperature tracking

£3,000 to £120,000 a licence

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@promaticadigital.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

418981971448861

Contact

Alex Buckland
07974 651 358
contact@promaticadigital.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No
• System requirements: Software licensing

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: This will depend upon the SLA. Typically 24 hours excluding weekends.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Assistive technology users can dictate using their operating system features into the chat support.
• Onsite support: Yes, at extra cost
• Support levels: First line basic support and filtering. Second line technical support as required. Escalation to senior or director level depending on severity and impact. All included at no extra cost.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We provide user guides and additional materials for super-users with technical help support as required. We can provide online train the trainer training and onsite go-live support.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: A copy of the database will be provided but customers may extract data directly from the database or via a cvs file at any time.
• End-of-contract process: This may vary by contract but generally decommissioning is an additional cost. Any data transformations will be an additional cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile restricted to essential features.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Access via browser login
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: None to date
• API: Yes
• What users can and can't do using the API: Partial API, including but limited to ADFS
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: We can modify workflow to meet customer requirements. Dashboards, reports and analytics can be user-configured by users with admin permissions. Some priority colours and warning time limits or target times can be customised to the services requirements

Scaling

• Independence of resources: The application either sits on the customer’s own IT system and is not impacted by the demands of other customers, or sits on our secure cloud infrastructure which is constantly monitored and can auto scale to stay above demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Number of users registered, the usage of the application, size of files to date, activity relating to areas of use and the number of transactions done
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: We do not hold data
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: This is not required as all reports are provided online through the platform. Bespoke arrangements can also be made if required.
• Data export formats:
  • CSV
  • ODF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Data either remains within the customer’s network and is not transferred to Promatica Digital Ltd, or is transferred via Secure TLS 1.2 or above
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Guaranteed by the cloud service provider - typically 99.8%
• Approach to resilience: Data is held by our customers so resilience is their responsibility. Where cloud hosting is taken up the hosting service will provide this information on request.
• Outage reporting: If hosted on our cloud, email alerts. If hosted by customer this is a customer responsibility as they host the application and hold the data. If support is required it can be requested by email.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: This is the responsibility of our customers. NHS bodies generally use two factor authentication and with our optional Active Directory integration, we adopt the same principles as the customer policy.
• Access restrictions in management interfaces and support channels: Management does not have access to data. Support staff may only access the application and data when supervised by customer staff.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: NHS Data Security & Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: CyberEssentials Plus and DSPT
• Information security policies and processes: Promatica Digital Ltd has an Information Security policy and a Data Protection policy. We apply the principle of least privilege (PoLP) and on occasion our technical staff may need to access to the application to provide support. When this occurs they are closely monitored by a senior manager and by customer staff.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The service is tested internally and again in customer UAT before deployment. Both clinical and security checks ocurr on an ongoing basis during development. Pen testing will be undertaken annually. Service changes will be thoroughly tested before deployment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Threats and issues are identified by the supplier, customers, or annual pen testing. They are assessed based on risk, frequency, and technical competency. If any ‘gap’ is highlighted we will respond to high-risk issues within 24 hours. We get our information from OWASP about web application security
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Issues are identified by the supplier or our customers and we will respond to high-risk issues within 24 hours. At a minimum, weekly checks of logs are in place.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have adopted the NHS incident management processes and incidents would be reported via the reporting tool associated with the DS&P Toolkit. Where we are working with local health economies that have their own preferred arrangements we will adopt those too.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  Through effective and real-time monitoring of refrigerators in large hospital trusts, malfunctioning equipment can be identified early and repaired, reducing the malfunctioning device's environmental impact.; ; Waste medicine is also avoided thanks to temperature alerting. If temperatures start to fall near to an unsafe range, an alert is triggered and interventions can be put in place to save the medicine from being spoiled, thus preventing unnecessary manufacture and wasteful and expensive disposal.

Pricing

• Price: £3,000 to £120,000 a licence
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@promaticadigital.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.